提交 12bdb643 编写于 作者: N Nils Larsch

use SHA-1 as the default digest for the apps/openssl commands

上级 7bdf8eed
......@@ -2,7 +2,11 @@
OpenSSL CHANGES
_______________
Changes between 0.9.7e and 0.9.8 [xx XXX xxxx]
Changes between 0.9.7f and 0.9.8 [xx XXX xxxx]
*) Use SHA-1 instead of MD5 as the default digest algorithm for
the apps/openssl applications.
[Nils Larsch]
*) Compile clean with "-Wall -Wmissing-prototypes
-Wstrict-prototypes -Wmissing-declarations -Werror". Currently
......
......@@ -115,7 +115,7 @@ int MAIN(int argc, char **argv)
X509_OBJECT xobj;
EVP_PKEY *pkey;
int do_ver = 0;
const EVP_MD *md_alg,*digest=EVP_md5();
const EVP_MD *md_alg,*digest=EVP_sha1();
apps_startup();
......
......@@ -67,7 +67,7 @@ cert_opt = ca_default # Certificate field options
default_days = 365 # how long to certify for
default_crl_days= 30 # how long before next CRL
default_md = md5 # which md to use.
default_md = sha1 # which md to use.
preserve = no # keep passed DN ordering
# A few difference way of specifying how similar the request should look
......
......@@ -187,7 +187,7 @@ int MAIN(int argc, char **argv)
char *p;
char *subj = NULL;
int multirdn = 0;
const EVP_MD *md_alg=NULL,*digest=EVP_md5();
const EVP_MD *md_alg=NULL,*digest=EVP_sha1();
unsigned long chtype = MBSTRING_ASC;
#ifndef MONOLITH
char *to_free;
......
......@@ -184,7 +184,7 @@ int MAIN(int argc, char **argv)
X509_REQ *rq=NULL;
int fingerprint=0;
char buf[256];
const EVP_MD *md_alg,*digest=EVP_md5();
const EVP_MD *md_alg,*digest=EVP_sha1();
CONF *extconf = NULL;
char *extsect = NULL, *extfile = NULL, *passin = NULL, *passargin = NULL;
int need_rand = 0;
......
......@@ -98,8 +98,8 @@ default.
the digest to use. This affects any signing or display option that uses a message
digest, such as the B<-fingerprint>, B<-signkey> and B<-CA> options. If not
specified then MD5 is used. If the key being used to sign with is a DSA key then
this option has no effect: SHA1 is always used with DSA keys.
specified then SHA1 is used. If the key being used to sign with is a DSA key
then this option has no effect: SHA1 is always used with DSA keys.
=item B<-engine id>
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册